Rapport: Förstudie om digital säkerhet för små och medelstora företag i Skåne

The results of our online survey with 26 respondents working in SMEs in Skåne show that there was at least one respondent in every attack scenario saying that they were knowingly victim of such an attack. The attack scenarios we identified were: network/server hacked, data theft or encryption, virus/malware infection, smartphone hack, and phishing emails. Furthermore, we believe that this survey also highlights a misunderstanding of cyberattacks and their impact. For instance, out of the five attack scenarios the first three were rated as having the biggest impact whereas smartphones being hacked and phishing emails were mostly rated as having a small or medium impact on the company. This highlights also a somewhat limited understanding of the complexity of cyber attacks, as the last types of attacks are the first step for attackers to get access into the system and ultimately compromise the entire IT infrastructure of a company and perform their attack. The importance of social engineering/phishing attacks is also identified in the Cybersäkerhet i Sverige 2022 report by the Nationellt Cybersäkerhetscenter. On a positive note, our study indicates that people have become more aware of the different types of attacks, especially of phishing attacks as half of therespondents indicated that they were exposed to such attacks before. This is probably also due to the educational work aimed at the general public.

Download the pre-study here.